DISA Rule

SV-807r2_rule

Vulnerability Number

V-807

Group Title

GEN002520

Rule Version

GEN002520

Severity

CAT II

CCI(s)

CCI-000225 - The organization employs the concept of least privilege, allowing only authorized accesses for users (and processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

Weight

10

Fix Recommendation

Change the owner of public directories to root or an application account.

Procedure:
# chown root /tmp

(Replace root with an application user and/or /tmp with another public directory as necessary.)

Check Contents

Check the ownership of all public directories.

Procedure:
# find / -type d -perm -1002 -exec ls -ld {} \;

If any public directory is not owned by root or an application user, this is a finding.
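
An added example, not part of the STIG text: the check above wrapped in a POSIX shell function that compares each public directory's owner against an allowlist and reports only the findings. The function name audit_public_dirs and any application account names passed to it are assumptions for illustration.

```shell
#!/bin/sh
# Added example: flag public directories (sticky bit + world-writable,
# the same -perm -1002 test as the check procedure) whose owner is not
# in an allowlist. Allowlist contents are site-specific assumptions.

# audit_public_dirs ROOT "owner1 owner2 ..."
# Prints "owner<TAB>path" per finding. Returns 1 on findings, else 0.
audit_public_dirs() {
    root=$1
    allowed=${2:-root}   # default: only root is an acceptable owner
    findings=$(
        find "$root" -type d -perm -1002 -exec sh -c '
            allowed=$1; shift
            for d in "$@"; do
                # Field 3 of ls -ld is the owner name (or numeric UID
                # when the UID has no passwd entry).
                owner=$(ls -ld -- "$d" | awk "{print \$3}")
                case " $allowed " in
                    *" $owner "*) ;;                        # compliant
                    *) printf "%s\t%s\n" "$owner" "$d" ;;   # finding
                esac
            done
        ' sh "$allowed" {} + 2>/dev/null || true
    )
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Run as a script with arguments, e.g.:  sh audit.sh / "root appuser"
# ("appuser" is a hypothetical application account).
if [ "$#" -gt 0 ]; then
    audit_public_dirs "$@"
fi
```

A non-zero exit status means at least one finding, so the script can gate a compliance job directly.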

Documentable

False

Severity Override Guidance

Check the ownership of all public directories.

Procedure:
# find / -type d -perm -1002 -exec ls -ld {} \;

If any public directory is not owned by root or an application user, this is a finding.